History Tends to Repeat Itself - Attackers Repurpose Tried and Tested Methods to Launch Attacks Research by The Radicati Group shows that email remains the most ubiquitous form of business communications,...

PuTTY, an SSH and Telnet client program, and LibSSH2, a client-side C library for the SSH2 protocol, have both received updates fixing multiple vulnerabilities. Eight vulnerabilities have been fixed in version...

While Facebook’s bug bounty program does not typically cover denial-of-service (DoS) vulnerabilities, the social media giant has decided to award a significant bounty for a serious flaw affecting Fizz, its open...

The financially-motivated hacking group FIN7 has used new malware samples in a recent attack campaign, Flashpoint security researchers warn. Operating since at least 2015, the cybercrime gang has been mainly focused...

Finnish authorities will launch an investigation into claims that Nokia phones have been transmitting users' personal data to China, the country's data protection ombudsman announced on Thursday. "Based on our initial...

Manufacturing arguably offers the largest attack surface of almost any industry with regards to cybersecurity threats, and has long been a prime target for ‘everyday’ attacks like phishing, ransomware, data-theft –...

Poland-based cybersecurity research firm Security Explorations claims to have identified nearly 20 vulnerabilities in Oracle’s Java Card, including flaws that could be exploited to compromise the security of chips using this...

A serious denial-of-service (DoS) vulnerability has been found in Schneider Electric’s Triconex TriStation Emulator software. The vendor has yet to release a patch, but assured customers that the flaw does not...

Mimikatz Has Become a Lethal Weapon for Attackers Seeking to Move Laterally Inside Corporate and Government Networks The origin story of Mimikatz — a post-exploitation module that has enabled criminals to...

Apple’s Safari web browser and the Oracle VirtualBox and VMware Workstation virtualization products were hacked on the first day of the Pwn2Own 2019 hacking competition, earning researchers a total of $240,000...

Cisco Talos security researchers were able to leverage properties of the Universal Plug and Play (UPnP) protocol to unmask the IPv6 address of specific IPv4 hosts. Comparative scans of discovered hosts...

Vulnerabilities recently addressed by CUJO AI in the CUJO Smart Firewall could be exploited to take over the device, Cisco Talos security researchers reveal. Based on a Linux-based operating system running a kernel...

A security firm's Vulnerability Research Team (VRT) found and reported a vulnerability in SoftNAS Cloud data storage. SoftNAS fixed the vulnerability last week, and details of the vulnerability are now being...

A vulnerability in Ghidra, the generic disassembler and decompiler released by the National Security Agency (NSA) in early March , could be exploited to execute code remotely, researchers say. The flaw,...

Google recently patched a vulnerability in its Photos service that could have been exploited via browser-based timing attacks to track users, Imperva revealed on Wednesday. Google Photos allows users to store,...

Governments within the European Union appear to be flouting their own GDPR laws. Many official government websites are harboring and delivering tracking cookies from the ad tech industry even though they...